Fake HD repair tool targets Windows users
Posted on 11.05.2012
In the last year, ransomware infections have taken over from scareware as the cybercriminals' favorite mode of squeezing money out of their victims, but that doesn't mean that scareware has disappeared altogether.

Avast researchers have recently spotted a piece of fake computer diagnostic software that goes by the name of "S.M.A.R.T. Repair", which supposedly scans the victim's machine and "detects" critical hard disk errors (click on the screenshot to enlarge it):



What's interesting about this software is that once run, it cannot be quitted in a normal way. "If you press the ‘X’ in the top right corner, it only minimizes," the researchers point out. "If you right click the 'S.M.A.R.T. Repair' icon in the tray, there is no exit option."

The malware starts "scanning" immediately after it's run and, of course, finds many errors. In order to repair them, the users are urged to buy the license for the software. Once they do it, they are supplied with an activation code that makes the program "fix" the errors, reboot the computer, and give an "all clear" report, and finally allows the user to quit the program.

Luckily for those who have picked up this piece of malware somewhere and are wondering how to get rid of it without paying, Avast researchers have analyzed it and discovered that the activation number is always the same: 08869246386344953972969146034087.

Once the number is inserted and the program successfully registered, the message that pops up thanking the user for purchasing the software and offering customer support gives a clue about the scammers behind it.

The mentioned domain is hosted on a server located in the United Arab Emirates, but belongs to a Russian ISP. And it's not the only one - a number of other domains are also hosted there, and they have all been registered on the same date by a Chinese fraudulent domain registrar.






Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //